In our prior posts we discussed why historically retailers focused on the transaction when trying to detect fraud. But pulling back to observe the whole lifecycle of account creation and usage can tell us so much more about both the good user and the bad actor.
What can you learn when you look at the entire user account life cycle? Lots. And with it you can change the user experience in profound ways.
Reward and Protect Good Actors
If you knew that the user on your website was absolutely the person they said they are, would you treat them differently? Why would you make it harder for them to use your website? Simplification of website decision simplicity can have a huge impact; even a 20% reduction results in a 96% increase in customer loyalty, 86% more likely to purchase and 115% more likely to recommend to a friend. When legitimate users aren’t asked extra security questions or are forced through multiple screens to complete their transaction, it builds up trust in the company, which translates into more usage, and more transactions. These methods vastly reduce false positives, transactions flagged as suspicious in traditional rules schemes, increasingly ROI dramatically. That’s a visible benefit to companies — more engagement leads to more transactions.
But that’s still protecting accounts, and so transactions, one at a time. Machine learning and behavioral biometrics takes those individual transactions and step way back. While every user is unique, there are things we all have in common that do deeper than just basic demographic information. Groups of behaviors emerge, patterns that emerge as statistically significant, letting us observe and understand user trends that were invisible to us before. This can be used when creating more robust marketing plans, but can also be used in protect against wide-scale attacks.
Identify Bad Agents Earlier
If you could tell, based on behavior, that a particular user had an 80% chance of committing fraud, would you treat them the same way? Or make sure that you had extra steps in place first? A bad actor creating a fake account has unmistakable tells — things like creating an account that then doesn’t go on to access or use the site at all, or one that cycles dozens of credit cards in order to find one that works.
More than that, observing the one bad actor gives us insight into how other bad actors behave. As fraudsters have automated their systems, they’ve started creating accounts en masse. In earlier posts, we alluded to why they do this — in order to avoid rule sets that automatically flag new accounts for a set period of time for example — but you might ask, why not lock those account immediately? Because this is the opportunity for us to watch and learn about them, too.
Because fraudsters tactics change over time, the more information we have on them, the better. We can safely sandbox these fraudulent accounts, learn how they test systems for weaknesses, build a better fraudster profile with every interaction. More, as we learn about how they behave in one retailer’s ecosystem, we can see them coming when they start digging into another retailer long before the fraudsters even suspect we’re on to them.
Good users, bad actors. The customer relationship started not at the cash register but the moment your customer entered your store. The same isn’t just true in the digital age – it’s more important than ever before.